Aegis Aerospace Inc.
Mid-Level Cyber Threat Emulation Analyst (Secret)
Aegis Aerospace Inc., Colorado Springs, Colorado, United States, 80509
Mid‑Level Cyber Threat Emulation Analyst (Secret)
Employer:
Aegis Aerospace Inc.
Location:
Schriever Space Force Base, Colorado Springs, CO
Remote / Telework:
Not available
Clearance Required:
Active DoD Secret Security Clearance
Work Schedule:
Day shift, Monday–Friday
Travel:
Up to 10% of the time
Position Summary The Mid‑Level Cyber Threat Emulation Analyst supports the Missile Defense Agency (MDA) on the Integrated Research and Development for Enterprise Solutions (IRES) contract. This role focuses on executing cyber threat emulation (CTE) and supporting Defensive Cyber Operations (DCO) and Cyber Security Service Provider (CSSP) tasks, while also contributing to cybersecurity training, incident response, and enterprise‑wide cyber risk assessments.
Key Responsibilities
Perform Defensive Cyber Operations (DCO)/Cyber Security Service Provider (CSSP) duties outlined in Evaluator Scoring Metrics (ESM).
Perform cybersecurity duties on customer networks (proactively and reactively) to improve enterprise‑wide security posture.
Analyze correlated assets, threat, and vulnerability data against known adversary exploits and techniques to determine impact and improve network defensive posture.
Support the development, establishment, review and update of DCO procedures, processes, manuals, and other documentation.
Measure effectiveness of defense‑in‑depth architecture against known vulnerabilities.
Generate vulnerability assessment reports for customers and elevate for further review.
Support Incident Response across the enterprise in accordance with DoD regulations and instructions.
Lead cyber events and incident investigations from start to conclusion, gathering data, analysis, and reporting.
Assist in developing an Exploitation Analyst training plan by instructing, evaluating, and mentoring junior, mid, and senior analysts.
Receive, review, and implement directed Higher Headquarters Tasking Orders (HHQ) and/or Fragmentary Orders weekly.
Perform Cyber Threat Emulation (CTE) actions with Automated Security Validation toolset as directed by HHQ.
Execute CTE actions within the approved network zones with the specific adversary tactics, techniques, and procedures (TTPs) documented in each engagement to assess toolset detection and alerting.
Create custom dashboards and reports to communicate post‑engagement analysis of each CTE engagement, including identified vulnerabilities, recommended remediation steps, assessment of the system’s security posture, and incident response to government within a specified amount of time after completion of engagement.
Draft and submit Cyber Tasking Orders (CTOs) to remediate issues found in report findings during CTE actions.
Collaborate with the Cyberspace Domain Awareness (CDA) to develop evaluation criteria and methodologies aligned with HHQ inspection requirements and industry best practices.
Minimum Qualifications
U.S. Citizen
Active DoD Secret Security Clearance
6 or more years of general full‑time work experience
4 years of combined experience with: Performing manual or automated penetration testing in an enterprise environment; Practical experience with vulnerability assessment, cybersecurity frameworks, or conducting risk assessments; Experience performing the full life cycle of incident response and enterprise‑level monitoring; 1 year experience in management or leadership in a team environment.
Current DoD 8570.01‑M IAT Level II certification with Continuing Education (CySA+, GICSP, GSEC, Security+ CE, SSCP)
Must obtain, or already hold, a PenTest+ certification within 6 months of start date.
Desired Qualifications
Bachelor’s degree or higher in Cybersecurity, Computer Science or related field.
Experience with Cyber Threat Emulation tools, policies, and procedures.
Experience operating custom software on top of a Linux platform.
Experience with security analysis and solutions in a WAN/LAN environment, including routers, switches, network devices, and operating systems (Windows and Linux).
Experience with other SOC/DCO tools/applications such as Firewalls, IDS/IPS, Network Security Manager, Bluecoat, Barracuda, etc.
Experience performing security compliance scans across a WAN (ACAS/Nessus preferred).
Background in configuration, troubleshooting, and deployment of host‑based security (ESS preferred).
Ability to mentor and train personnel in a high‑paced environment.
Familiarity with DoD Security Operations Centers (SOC) and CSSP.
Familiarity with DCO/CSSP guiding security policies and procedures.
Active DoD Top Secret clearance (preferred).
Compensation Salary Range: $120,000 – $132,000 annually. Final compensation is based on experience, education, and directly relevant certifications.
Application Instructions Resumes must be submitted in month/year format. All application responses must be complete and truthful. Misrepresentation or falsification may result in disqualification and may be reported under federal contractor compliance and security requirements. Only U.S. citizens with an active DoD Secret Security Clearance will be considered.
About Aegis Aerospace We are a woman‑owned space and technology company headquartered in Houston, TX. With more than 30 years of experience, our mission is to support the Department of Defense and NASA in defending national security, advancing exploration, and pioneering innovation. Our team includes some of the brightest minds in aerospace, committed to delivering cutting‑edge solutions in space operations, simulation, and engineering. To learn more about Aegis Aerospace, please visit
http://www.AegisAero.com
Equal Opportunity Employer / Protected Veteran / Disability
Seniority level:
Mid‑Senior level
Employment type:
Full‑time
Job function:
Information Technology
Industries:
Defense and Space Manufacturing
#J-18808-Ljbffr
Aegis Aerospace Inc.
Location:
Schriever Space Force Base, Colorado Springs, CO
Remote / Telework:
Not available
Clearance Required:
Active DoD Secret Security Clearance
Work Schedule:
Day shift, Monday–Friday
Travel:
Up to 10% of the time
Position Summary The Mid‑Level Cyber Threat Emulation Analyst supports the Missile Defense Agency (MDA) on the Integrated Research and Development for Enterprise Solutions (IRES) contract. This role focuses on executing cyber threat emulation (CTE) and supporting Defensive Cyber Operations (DCO) and Cyber Security Service Provider (CSSP) tasks, while also contributing to cybersecurity training, incident response, and enterprise‑wide cyber risk assessments.
Key Responsibilities
Perform Defensive Cyber Operations (DCO)/Cyber Security Service Provider (CSSP) duties outlined in Evaluator Scoring Metrics (ESM).
Perform cybersecurity duties on customer networks (proactively and reactively) to improve enterprise‑wide security posture.
Analyze correlated assets, threat, and vulnerability data against known adversary exploits and techniques to determine impact and improve network defensive posture.
Support the development, establishment, review and update of DCO procedures, processes, manuals, and other documentation.
Measure effectiveness of defense‑in‑depth architecture against known vulnerabilities.
Generate vulnerability assessment reports for customers and elevate for further review.
Support Incident Response across the enterprise in accordance with DoD regulations and instructions.
Lead cyber events and incident investigations from start to conclusion, gathering data, analysis, and reporting.
Assist in developing an Exploitation Analyst training plan by instructing, evaluating, and mentoring junior, mid, and senior analysts.
Receive, review, and implement directed Higher Headquarters Tasking Orders (HHQ) and/or Fragmentary Orders weekly.
Perform Cyber Threat Emulation (CTE) actions with Automated Security Validation toolset as directed by HHQ.
Execute CTE actions within the approved network zones with the specific adversary tactics, techniques, and procedures (TTPs) documented in each engagement to assess toolset detection and alerting.
Create custom dashboards and reports to communicate post‑engagement analysis of each CTE engagement, including identified vulnerabilities, recommended remediation steps, assessment of the system’s security posture, and incident response to government within a specified amount of time after completion of engagement.
Draft and submit Cyber Tasking Orders (CTOs) to remediate issues found in report findings during CTE actions.
Collaborate with the Cyberspace Domain Awareness (CDA) to develop evaluation criteria and methodologies aligned with HHQ inspection requirements and industry best practices.
Minimum Qualifications
U.S. Citizen
Active DoD Secret Security Clearance
6 or more years of general full‑time work experience
4 years of combined experience with: Performing manual or automated penetration testing in an enterprise environment; Practical experience with vulnerability assessment, cybersecurity frameworks, or conducting risk assessments; Experience performing the full life cycle of incident response and enterprise‑level monitoring; 1 year experience in management or leadership in a team environment.
Current DoD 8570.01‑M IAT Level II certification with Continuing Education (CySA+, GICSP, GSEC, Security+ CE, SSCP)
Must obtain, or already hold, a PenTest+ certification within 6 months of start date.
Desired Qualifications
Bachelor’s degree or higher in Cybersecurity, Computer Science or related field.
Experience with Cyber Threat Emulation tools, policies, and procedures.
Experience operating custom software on top of a Linux platform.
Experience with security analysis and solutions in a WAN/LAN environment, including routers, switches, network devices, and operating systems (Windows and Linux).
Experience with other SOC/DCO tools/applications such as Firewalls, IDS/IPS, Network Security Manager, Bluecoat, Barracuda, etc.
Experience performing security compliance scans across a WAN (ACAS/Nessus preferred).
Background in configuration, troubleshooting, and deployment of host‑based security (ESS preferred).
Ability to mentor and train personnel in a high‑paced environment.
Familiarity with DoD Security Operations Centers (SOC) and CSSP.
Familiarity with DCO/CSSP guiding security policies and procedures.
Active DoD Top Secret clearance (preferred).
Compensation Salary Range: $120,000 – $132,000 annually. Final compensation is based on experience, education, and directly relevant certifications.
Application Instructions Resumes must be submitted in month/year format. All application responses must be complete and truthful. Misrepresentation or falsification may result in disqualification and may be reported under federal contractor compliance and security requirements. Only U.S. citizens with an active DoD Secret Security Clearance will be considered.
About Aegis Aerospace We are a woman‑owned space and technology company headquartered in Houston, TX. With more than 30 years of experience, our mission is to support the Department of Defense and NASA in defending national security, advancing exploration, and pioneering innovation. Our team includes some of the brightest minds in aerospace, committed to delivering cutting‑edge solutions in space operations, simulation, and engineering. To learn more about Aegis Aerospace, please visit
http://www.AegisAero.com
Equal Opportunity Employer / Protected Veteran / Disability
Seniority level:
Mid‑Senior level
Employment type:
Full‑time
Job function:
Information Technology
Industries:
Defense and Space Manufacturing
#J-18808-Ljbffr